[ietf-dkim] Proposal: Removal of AUID (i= tag/value)
chl at clerew.man.ac.uk
Mon Apr 11 02:06:51 PDT 2011
On Fri, 08 Apr 2011 19:55:09 +0100, Franck Martin <fmartin at linkedin.com>
> On 4/8/11 23:38 , "Charles Lindsey" <chl at clerew.man.ac.uk> wrote:
>> In practice, there are three usages which seem to be common; are there
>> 1. FROM = Alice at whatever i=sales.example.com d=example.com
>> 2. FROM = Alice at example.com i=sales at example.com d=example.com
>> 3. From = Alice at example.com i=bob at example.com d=example.com.
>> So my inclination is to leave 'i=' there. ...
> This is outside the current DKIM spec, but from your example, we could
> define 3 level of reputations for the domain d=example.com (I'll exclude
> case 1. As I don't know yet what to do with it)
> Level 1) Alice
> Level 2) sales or bob
> Level 3) the whole domain example.com
> It is then possible to decide if we should block (or whitelist) all
> from alice, or all emails coming from sales (or bob) stream, or all
> signed by d=example.com
I think you may have missed the point of my 'bob' example. It would have
been clearer if I had said:
3. From = Alice at example.com i=mallet at example.com d=example.com.
Where mallet is some disgruntled example.com employee posing as Alice. A
human seeing that evidence (E.g. in an A-R header) might well conclude the
message was bogus. But it would be hard for an automaton to spot it.
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim